[SCM] Samba Shared Repository - branch master updated
Björn Jacke
bjacke at samba.org
Wed Dec 23 13:53:01 UTC 2020
The branch, master has been updated
via 8fcde5912a9 net: remove obsolete net ads dns gethostbyname command
via 985042d391e dnsupdates: clean up all RRSets and not only type A
via 98caa173b24 tests: also test net ads dns (un)register with IPv6
via f30e100b396 tests: also test v6 for async dns test by using dig
from c00d537526c tests python krb5: PEP8 cleanups
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 8fcde5912a966c947adf2b5b313d224c9e827ca4
Author: Björn Jacke <bj at sernet.de>
Date: Tue Dec 22 21:04:34 2020 +0100
net: remove obsolete net ads dns gethostbyname command
net ads dns gethostbyname is doing the same as nslookup / host / dig and it's
quite limited and only supports A records. We should just drop it.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13706
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
Autobuild-User(master): Björn Jacke <bjacke at samba.org>
Autobuild-Date(master): Wed Dec 23 13:52:41 UTC 2020 on sn-devel-184
commit 985042d391e8124b157f21a6041ff9e17188483a
Author: Björn Jacke <bj at sernet.de>
Date: Tue Dec 22 17:23:16 2020 +0100
dnsupdates: clean up all RRSets and not only type A
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13706
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14244
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit 98caa173b2471f963283bbb9d1c32ca8129f7e0b
Author: Björn Jacke <bj at sernet.de>
Date: Tue Dec 22 18:10:44 2020 +0100
tests: also test net ads dns (un)register with IPv6
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13706
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
commit f30e100b39677f9a71200d324e5f9562909a343e
Author: Björn Jacke <bj at sernet.de>
Date: Tue Dec 22 17:28:41 2020 +0100
tests: also test v6 for async dns test by using dig
Signed-off-by: Bjoern Jacke <bjacke at samba.org>
Reviewed-by: Andrew Bartlett <abartlet at samba.org>
-----------------------------------------------------------------------
Summary of changes:
docs-xml/manpages/net.8.xml | 5 ----
lib/addns/dnsrecord.c | 4 +--
source3/utils/net_ads.c | 37 -----------------------
source3/utils/net_dns.c | 44 ----------------------------
source3/utils/net_dns.h | 2 --
testprogs/blackbox/test_net_ads_dns.sh | 26 +++++++---------
testprogs/blackbox/test_net_ads_dns_async.sh | 19 ++++++++----
7 files changed, 27 insertions(+), 110 deletions(-)
Changeset truncated at 500 lines:
diff --git a/docs-xml/manpages/net.8.xml b/docs-xml/manpages/net.8.xml
index 951ddcd7c3a..94689e96c98 100644
--- a/docs-xml/manpages/net.8.xml
+++ b/docs-xml/manpages/net.8.xml
@@ -1393,11 +1393,6 @@ against an NT4 Domain Controller.
<para>Remove host dns entry from Active Directory.</para>
</refsect3>
-<refsect3>
-<title>ADS DNS GETHOSTBYNAME <NAMESERVER|HOSTNAME></title>
-<para>Look up the hostname from Active Directory. You can either provide nameserver ie IPv4|IPv6 address or the hostname. Only one should be provided at a time.</para>
-</refsect3>
-
</refsect2>
<refsect2>
diff --git a/lib/addns/dnsrecord.c b/lib/addns/dnsrecord.c
index 0d149373997..e6e205e6832 100644
--- a/lib/addns/dnsrecord.c
+++ b/lib/addns/dnsrecord.c
@@ -430,10 +430,10 @@ DNS_ERROR dns_create_update_request(TALLOC_CTX *mem_ctx,
if (!ERR_DNS_IS_OK(err)) goto error;
/*
- * Delete any existing A records
+ * Delete all existing RRsets from our name
*/
- err = dns_create_delete_record(req, hostname, QTYPE_A, DNS_CLASS_ANY,
+ err = dns_create_delete_record(req, hostname, QTYPE_ANY, DNS_CLASS_ANY,
&rec);
if (!ERR_DNS_IS_OK(err)) goto error;
diff --git a/source3/utils/net_ads.c b/source3/utils/net_ads.c
index bcb9c9d5dde..c8b18a9c281 100644
--- a/source3/utils/net_ads.c
+++ b/source3/utils/net_ads.c
@@ -2190,35 +2190,6 @@ static int net_ads_dns_unregister(struct net_context *c,
#endif
}
-static int net_ads_dns_gethostbyname(struct net_context *c, int argc, const char **argv)
-{
-#if defined(WITH_DNS_UPDATES)
- DNS_ERROR err;
-
-#ifdef DEVELOPER
- talloc_enable_leak_report();
-#endif
-
- if (argc != 2 || c->display_usage) {
- d_printf( "%s\n"
- " %s\n"
- " %s\n",
- _("Usage:"),
- _("net ads dns gethostbyname <server> <name>\n"),
- _(" Look up hostname from the AD\n"
- " nameserver\tName server to use\n"
- " hostname\tName to look up\n"));
- return -1;
- }
-
- err = do_gethostbyname(argv[0], argv[1]);
- if (!ERR_DNS_IS_OK(err)) {
- d_printf(_("do_gethostbyname returned %s (%d)\n"),
- dns_errstr(err), ERROR_DNS_V(err));
- }
-#endif
- return 0;
-}
static int net_ads_dns_async(struct net_context *c, int argc, const char **argv)
{
@@ -2313,14 +2284,6 @@ static int net_ads_dns(struct net_context *c, int argc, const char *argv[])
N_("net ads dns unregister\n"
" Remove host dns entry from AD")
},
- {
- "gethostbyname",
- net_ads_dns_gethostbyname,
- NET_TRANSPORT_ADS,
- N_("Look up host"),
- N_("net ads dns gethostbyname\n"
- " Look up host")
- },
{
"async",
net_ads_dns_async,
diff --git a/source3/utils/net_dns.c b/source3/utils/net_dns.c
index b94bef987a1..8275042f3e5 100644
--- a/source3/utils/net_dns.c
+++ b/source3/utils/net_dns.c
@@ -207,48 +207,4 @@ int get_my_ip_address( struct sockaddr_storage **pp_ss )
return count;
}
-DNS_ERROR do_gethostbyname(const char *server, const char *host)
-{
- struct dns_connection *conn = NULL;
- struct dns_request *req, *resp;
- DNS_ERROR err;
- int ans = 0;
-
- err = dns_open_connection(server, DNS_UDP, NULL, &conn);
- if (!ERR_DNS_IS_OK(err)) {
- goto error;
- }
-
- err = dns_create_query(conn, host, QTYPE_A, DNS_CLASS_IN, &req);
- if (!ERR_DNS_IS_OK(err)) {
- goto error;
- }
-
- err = dns_transaction(conn, conn, req, &resp);
- if (!ERR_DNS_IS_OK(err)) {
- goto error;
- }
-
- if (resp->num_answers == 0) {
- printf("%s", "No answers!\n");
- goto error;
- }
-
- for (ans = 0; ans < resp->num_answers; ans++) {
- struct in_addr resp_ip;
-
- if (ans > 0)
- printf("%s", " ");
-
- resp_ip.s_addr = *((uint32_t *)resp->answers[ans]->data);
- printf("%s", inet_ntoa(resp_ip));
- }
-
- printf("%s", "\n");
-
- error:
- TALLOC_FREE(conn);
- return err;
-}
-
#endif /* defined(WITH_DNS_UPDATES) */
diff --git a/source3/utils/net_dns.h b/source3/utils/net_dns.h
index e44e93a2ddd..ef70fddd97c 100644
--- a/source3/utils/net_dns.h
+++ b/source3/utils/net_dns.h
@@ -38,6 +38,4 @@ DNS_ERROR DoDNSUpdate(char *pszServerName,
size_t num_addrs,
uint32_t flags, bool remove_host);
-DNS_ERROR do_gethostbyname(const char *server, const char *host);
-
#endif /* defined(WITH_DNS_UPDATES) */
diff --git a/testprogs/blackbox/test_net_ads_dns.sh b/testprogs/blackbox/test_net_ads_dns.sh
index d3b1e7975c5..86566712194 100755
--- a/testprogs/blackbox/test_net_ads_dns.sh
+++ b/testprogs/blackbox/test_net_ads_dns.sh
@@ -45,6 +45,7 @@ UID_WRAPPER_ROOT=1
export UID_WRAPPER_ROOT
IPADDRESS=10.1.4.111
+IP6ADDRESS=fd00:1a1a::1:5ee:bad:c0de
IPADDRMAC=10.1.4.124
UNPRIVIP=10.1.4.130
NAME=testname
@@ -56,17 +57,15 @@ UNPRIVPASS=UnPrivPass1
# unprivileged users cannot do so.
echo "Starting ..."
-testit "admin user should be able to add a DNS entry $NAME.$REALM $IPADDRESS" $VALGRIND $net_tool ads dns register $NAME.$REALM $IPADDRESS -U$DC_USERNAME%$DC_PASSWORD || failed=`expr $failed + 1`
+testit "admin user should be able to add a DNS entry $NAME.$REALM $IPADDRESS $IP6ADDRESS" $VALGRIND $net_tool ads dns register $NAME.$REALM $IPADDRESS $IP6ADDRESS -U$DC_USERNAME%$DC_PASSWORD || failed=`expr $failed + 1`
-# The complicated pipeline is to ensure that we remove exclamation points
-# and spaces from the output. Thew will screw up the comparison syntax.
-testit "We should be able to see the new name $NAME.$REALM" [ X"`$VALGRIND $net_tool ads dns gethostbyname $SERVER $NAME.$REALM -U$DC_USERNAME%$DC_PASSWORD | tr \! N | tr " " B`" = X"$IPADDRESS" ] || failed=`expr $failed + 1`
+testit "We should be able to see the new name $NAME.$REALM $IPADDRESS" dig @$SERVER +short -t a $NAME.$REALM | grep -q $IPADDRESS || failed=`expr $failed + 1`
+testit "We should be able to see the new name $NAME.$REALM $IP6ADDRESS" dig @$SERVER +short -t aaaa $NAME.$REALM | grep -q $IP6ADDRESS || failed=`expr $failed + 1`
-testit "We should be able to unregister the name $NAME.$REALM $IPADDRESS" $VALGRIND $net_tool ads dns unregister $NAME.$REALM -U$DC_USERNAME%$DC_PASSWORD || failed=`expr $failed + 1`
+testit "We should be able to unregister the name $NAME.$REALM" $VALGRIND $net_tool ads dns unregister $NAME.$REALM -U$DC_USERNAME%$DC_PASSWORD || failed=`expr $failed + 1`
-# The complicated pipeline is to ensure that we remove exclamation points
-# and spaces from the output. Thew will screw up the comparison syntax.
-testit "The name $NAME.$REALM should not be there any longer" test X"`$net_tool ads dns gethostbyname $SERVER $NAME.$REALM -U$DC_USERNAME%$DC_PASSWORD | tr " " B | tr \! N`" != X"$IPADDRESS" || failed=`expr $failed + 1`
+testit "The name $NAME.$REALM $IPADDRESS should not be there any longer" dig @$SERVER +short -t a $NAME.$REALM | grep -q $IPADDRESS && failed=`expr $failed + 1`
+testit "The name $NAME.$REALM $IP6ADDRESS should not be there any longer" dig @$SERVER +short -t aaaa $NAME.$REALM | grep -q $IP6ADDRESS && failed=`expr $failed + 1`
# This should be an expect_failure test ...
testit "Adding an unprivileged user" $VALGRIND $net_tool user add $UNPRIVUSER $UNPRIVPASS -U$DC_USERNAME%$DC_PASSWORD || failed=`expr $failed + 1`
@@ -86,17 +85,14 @@ testit "Unprivileged users should be able to add new names" $net_tool ads dns re
# This should work as well
testit "machine account should be able to add a DNS entry net ads dns register membername.$REALM $IPADDRMAC -P " $net_tool ads dns register membername.$REALM $IPADDRMAC -P || failed=`expr $failed + 1`
-# The complicated pipeline is to ensure that we remove exclamation points
-# and spaces from the output. Thew will screw up the comparison syntax.
-testit "We should be able to see the new name membername.$REALM using -P" [ X"`$VALGRIND $net_tool ads dns gethostbyname $SERVER membername.$REALM -P | tr \! N | tr " " B`" = X"$IPADDRMAC" ] || failed=`expr $failed + 1`
+testit "We should be able to see the new name membername.$REALM" dig @$SERVER +short -t a membername.$REALM | grep -q $IPADDRMAC || failed=`expr $failed + 1`
#Unprivileged users should not be able to overwrite other's names
-testit_expect_failure "Unprivileged users should not be able modify existing names" $net_tool ads dns register membername.$REALM $UNPRIVIP -U$UNPRIVUSER%$UNPRIVPASS || failed=`expr $failed + 1`
+testit_expect_failure "Unprivileged users should not be able to modify existing names" $net_tool ads dns register membername.$REALM $UNPRIVIP -U$UNPRIVUSER%$UNPRIVPASS || failed=`expr $failed + 1`
testit "We should be able to unregister the name $NAME.$REALM $IPADDRESS" $VALGRIND $net_tool ads dns unregister $NAME.$REALM -P || failed=`expr $failed + 1`
-# The complicated pipeline is to ensure that we remove exclamation points
-# and spaces from the output. Thew will screw up the comparison syntax.
-testit "The name $NAME.$REALM should not be there any longer" test X"`$net_tool ads dns gethostbyname $SERVER $NAME.$REALM -P | tr " " B | tr \! N`" != X"$IPADDRESS" || failed=`expr $failed + 1`
+testit "The name $NAME.$REALM ($IPADDRESS) should not be there any longer" dig @$SERVER +short -t a $NAME.$REALM | grep -q $IPADDRESS && failed=`expr $failed + 1`
+testit "The name $NAME.$REALM ($IP6ADDRESS) should not be there any longer" dig @$SERVER +short -t aaaa $NAME.$REALM | grep -q $IP6ADDRESS && failed=`expr $failed + 1`
exit $failed
diff --git a/testprogs/blackbox/test_net_ads_dns_async.sh b/testprogs/blackbox/test_net_ads_dns_async.sh
index f0bd0835b4d..b993ab260bb 100755
--- a/testprogs/blackbox/test_net_ads_dns_async.sh
+++ b/testprogs/blackbox/test_net_ads_dns_async.sh
@@ -24,15 +24,18 @@ net_tool="$samba4bindir/net"
echo "Starting ..."
test_async_dns() {
- #
- # Do the gethostbyname request. This just prints the IPv4 addr.
- #
- cmd_sync='$net_tool ads dns gethostbyname $SERVER $SERVER.$REALM'
+ cmd_sync='dig @$SERVER +short -t a $SERVER.$REALM'
eval echo "$cmd_sync"
ipv4_sync=$(eval $cmd_sync)
if [ -z "$ipv4_sync" ]; then
return 1
fi
+ cmd_sync='dig @$SERVER +short -t aaaa $SERVER.$REALM'
+ eval echo "$cmd_sync"
+ ipv6_sync=$(eval $cmd_sync)
+ if [ -z "$ipv6_sync" ]; then
+ return 1
+ fi
#
# Do the async request. This prints out info like:
@@ -50,8 +53,9 @@ test_async_dns() {
# Drop everything but the IPv4 address.
ipv4_async=`echo "$out_async" | grep IPv4addr | sed -e 's/^.*IPv4addr = //'`
+ ipv6_async=`echo "$out_async" | grep IPv6addr | sed -e 's/^.*IPv6addr = //'`
- if [ -z "$ipv4_async" ]; then
+ if [ -z "$ipv4_async" -o -z "$ipv6_async" ]; then
return 1
fi
if [ "$ipv4_sync" != "$ipv4_async" ]; then
@@ -59,6 +63,11 @@ test_async_dns() {
echo "DNS commands output. out1=$ipv4_sync, out2=$out_async"
return 1
fi
+ if [ "$ipv6_sync" != "$ipv6_async" ]; then
+ echo "DNS lookup mismatch. Sync $ipv6_sync, async $ipv6_async"
+ echo "DNS commands output. out1=$ipv6_sync, out2=$out_async"
+ return 1
+ fi
return 0
}
--
Samba Shared Repository
More information about the samba-cvs
mailing list